CE-EE parity for shared config files
This copies over EE-specific changes to shared configuration files in CE.
This commit is contained in:
parent
6d3fede0af
commit
db04a18d7d
|
@ -664,6 +664,9 @@ production: &base
|
||||||
# Port where the client side certificate is requested by the webserver (NGINX/Apache)
|
# Port where the client side certificate is requested by the webserver (NGINX/Apache)
|
||||||
# client_certificate_required_port: 3444
|
# client_certificate_required_port: 3444
|
||||||
|
|
||||||
|
# Browser session with smartcard sign-in is required for Git access
|
||||||
|
# required_for_git_access: false
|
||||||
|
|
||||||
## Kerberos settings
|
## Kerberos settings
|
||||||
kerberos:
|
kerberos:
|
||||||
# Allow the HTTP Negotiate authentication method for Git clients
|
# Allow the HTTP Negotiate authentication method for Git clients
|
||||||
|
|
|
@ -10,7 +10,8 @@ if Rails.env.test?
|
||||||
# it reads + parses `db/migrate/*` each time. Memoizing it can save 0.5
|
# it reads + parses `db/migrate/*` each time. Memoizing it can save 0.5
|
||||||
# seconds per spec.
|
# seconds per spec.
|
||||||
def migrations(paths)
|
def migrations(paths)
|
||||||
(@migrations ||= migrations_unmemoized(paths)).dup
|
@migrations ||= {}
|
||||||
|
(@migrations[paths] ||= migrations_unmemoized(paths)).dup
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -62,6 +62,31 @@ class Settings < Settingslogic
|
||||||
(base_url(gitlab) + [gitlab.relative_url_root]).join('')
|
(base_url(gitlab) + [gitlab.relative_url_root]).join('')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def kerberos_protocol
|
||||||
|
kerberos.https ? "https" : "http"
|
||||||
|
end
|
||||||
|
|
||||||
|
def kerberos_port
|
||||||
|
kerberos.use_dedicated_port ? kerberos.port : gitlab.port
|
||||||
|
end
|
||||||
|
|
||||||
|
# Curl expects username/password for authentication. However when using GSS-Negotiate not credentials should be needed.
|
||||||
|
# By inserting in the Kerberos dedicated URL ":@", we give to curl an empty username and password and GSS auth goes ahead
|
||||||
|
# Known bug reported in http://sourceforge.net/p/curl/bugs/440/ and http://curl.haxx.se/docs/knownbugs.html
|
||||||
|
def build_gitlab_kerberos_url
|
||||||
|
[
|
||||||
|
kerberos_protocol,
|
||||||
|
"://:@",
|
||||||
|
gitlab.host,
|
||||||
|
":#{kerberos_port}",
|
||||||
|
gitlab.relative_url_root
|
||||||
|
].join('')
|
||||||
|
end
|
||||||
|
|
||||||
|
def alternative_gitlab_kerberos_url?
|
||||||
|
kerberos.enabled && (build_gitlab_kerberos_url != build_gitlab_url)
|
||||||
|
end
|
||||||
|
|
||||||
# check that values in `current` (string or integer) is a contant in `modul`.
|
# check that values in `current` (string or integer) is a contant in `modul`.
|
||||||
def verify_constant_array(modul, current, default)
|
def verify_constant_array(modul, current, default)
|
||||||
values = default || []
|
values = default || []
|
||||||
|
|
Loading…
Reference in New Issue